skip to Main Content
This website use cookies which are necessary to its functioning and required to achieve the purposes illustrated in the privacy policy. To learn more or withdraw consent please click on Learn More. By continued use of this website you are consenting to our use of cookies.

GLOSSARY

HTTP Request Smuggling

HTTP request smuggling is a cyber-attack method in which an attacker inserts a second request into an original request between a front-end and back-end server.

HTTP request smuggling is a cyber-attack method in which an attacker inserts a second request into an original request between a front-end and back-end server. In a successful HTTP request smuggling attack, the second request is “smuggled” in the initial request and then processed by the back-end server. Hackers frequently execute HTTP request smuggling attacks by altering the Content-Length and Transfer-Encoding HTTP headers. HTTP request smuggling attacks are often high impact as they frequently enable unauthorized data access, bypass security schemes, and directly compromise other application users.

Want to learn more? Check out our FREE Bugcrowd University to sharpen your hacking skills.

Organizations the world over need your help! Join our researcher community to connect with hundreds of organization programs focused on finding their security vulnerabilities. Our vast directory includes programs for all skill levels, across many industries and from around the world.

Back To Top